Skip to main content

Cyber attacks net North Korea millions in virtual currencies, say researchers

A hooded man holds a laptop computer as blue screen with an exclamation mark is projected on him in this illustration picture. PHOTO: REUTERS

A hooded man holds a laptop computer as a blue screen with an exclamation mark is projected on him in this illustration picture. PHOTO: REUTERS
SEOUL, SOUTH KOREA: A series of recent cyber attacks has netted North Korean hackers millions of dollars in virtual currencies like bitcoin, with more attacks expected as international sanctions drive the country to seek new sources of cash, researchers say.
North Korea’s government-backed hackers have been blamed for a rising number of cyber attacks, including the so-called WannaCry cyber attack that crippled hospitals, banks and other companies across the globe this year.
Analysts say the explosive growth in the value of bitcoin makes it and other “cryptocurrencies” an attractive target for North Korea, which has become increasingly isolated under international sanctions imposed over its nuclear weapons and missile programs.
Bitcoin was trading at over $19,104 per bitcoin at one point on Tuesday, up from less than $1,000 at the beginning of 2017, according to Coinmarketcap.com.


Researchers in South Korea, which hosts some of the world’s busiest virtual currency exchanges and accounts for 15 to 25 percent of world bitcoin trading on any given day, say attacks this year on exchanges like Bithumb, Coinis, and Youbit have the digital fingerprints of hackers from North Korea.
The researchers’ findings have not been independently verified.
North Korea has rejected accusations that it has been involved in hacking.
A spokesperson for South Korea’s Unification Ministry, which handles North Korean affairs, said on Monday the government was considering “countermeasures”, including more sanctions, over the cyber attacks.
Representatives of Bithumb and Coinis declined to comment.
On Monday, a Youbit spokesperson told Reuters the company had not been targeted by North Korean hackers, and on Tuesday the company announced it had suffered another cyber attack that cost it 17 percent of its assets, forcing the exchange to halt operations and file for bankruptcy.
The hackers behind the second attack were not identified, but one cybersecurity researcher, who said he was not authorized to speak about the matter as it was being investigated, said there were similarities between the Youbit hack reported on Tuesday and the earlier attack on the company, which has been linked to North Korea.


Another researcher, who worked with Youbit after the first hack in April, said the company has since experienced a consistent string of attacks that used malicious code previously used by North Korea.
Infected email
South Korea’s intelligence service reported that some 7.6 billion won ($7 million) worth of cryptocurrencies were stolen in those previous attacks on multiple exchanges, according to South Korea’s Chosun Ilbo newspaper.
But that amount could now be worth about 90 billion Korean won ($82 million), Moonbeom Park, a researcher at the Korea Internet and Security Agency, told Reuters.
Malicious code used in attacks over the summer was “virtually identical” to previous attacks connected to North Korea, he said.
The attacks this year began by targeting the companies themselves, stealing customers’ personal information, including names and email addresses, Park said.
Some of those customers were then targeted with so-called spearphishing emails – infected emails designed to look as if they were from South Korea’s taxation agency, the Korean National Tax Service, he said.
Other researchers said the attackers had impersonated other official bodies.
The emails told the recipient that the agency was about to conduct a tax investigation of the user.
An attached document, however, was a Korean-language file infected with a “Trojan Horse” program that would exploit a vulnerability in the Hanword Korean-language word processing software to allow the hackers to remotely control the user’s computer, Park said.
From there, the attackers would access the user’s bitcoin wallet either on the computer, or on the bitcoin exchange’s server, he said. Other researchers said the exchanges were also attacked using fake email accounts.
Cristiana Brafman Kittner, principal analyst at the cybersecurity firm FireEye, said she could not confirm whether North Korea had actually stolen any virtual currencies, but said hackers linked to it had targeted “multiple exchanges” over the past six to nine months.
“We believe that some of the criminal activity we are observing originating from North Korea is a result of the regime looking for alternative sources of revenue,” she said.
“North Korean cyber threat actors present an immediate risk to the financial services sector worldwide.”

Comments

Post a Comment

Popular posts from this blog

Develop your own game by learning these free courses

We recently recommended courses you should learn before you will launch your first startup in order to avoid some common mistakes. In Quick Tips today, we’ll recommend you some free courses that will help you make your first game and begin your career as a developer. Before we highlight the details of the courses you ought to take, here are some introductory courses which will prepare you to learn these courses more effectively; Java Programming Basics  – Prepare yourself for programming on Android and the Web Introduction to JavaScript  – Create animations and understand variables and strings. When you have gone through those courses above then proceed to ones given below to develop your first game: 1. Create a 2048 game in just 1 day For those who have zero experience in programming and don’t want to take the above courses, then enroll in this course from Udacity. You will learn the basics of HTML and CSS as well as their interaction with JavaScript. ...
Post a Comment
Read more

Huawei Mate 10 Pro: A Premium Flagship With Some Odd Omissions

When Huawei had launched, they were known as a brand that mostly dealt with budget smartphones and even their flagships were not up to the standards that people expected at that time. However, times have now changed and leading the innovation front nowadays is Huawei. A few of their flagships in the recent year or so have been nothing short of impressive but this year’s Mate 10 line up has changed the brand image forever and consumers now know that Huawei is a serious market player and should not be taken lightly. We’ve already reviewed the  Mate 10 Lite and there was a lot to like about that phone. Today we have with us the most expensive one of the bunch, the Mate 10 Pro. For a more in-depth review and understanding of various Mate 10 Pro features, do watch the video review linked below. Design Like most of the flagships in the industry, Huawei also makes use of some premium material on the Mate 10 Pro. You have curved Gorilla Glass on the front and back and where th...
Post a Comment
Read more

The upgraded Google News app is now available on iOS and Android

One of the more intriguing announcements at Google IO 2018 was of  a new Google News app  to take the place of the Google Play NewsStand, which was initially launched in 2013.  After describing the new Google News app  in a dedicated page for the app on its website, Google has now officially released the app on the  App Store  and  Google Play . Google Play NewsStand was used as a resource to get news around the world. The news would be of every category, even the news which doesn’t interest the user. Whereas with this new Google news app, the artificial intelligence of Google shows you the news you want to see, which you usually search for on Google. According to Google , the Google News app now  “uses a new set of AI techniques to take a constant flow of information as it hits the web, analyze it in real time and organize it into storylines.”  Artificial intelligence(AI) gives the app an ability to process and sort the news from...
Post a Comment
Read more